CVE-2022-23518|rails-html-sanitizer is responsible... - VULHUB开源网络安全威胁库

rails-html-sanitizer is responsible... CVE-2022-23518

- AV AC AU C I A

发布： 2022-12-14

修订： 2024-02-01

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有5条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

相关漏洞清单查看更多>

rails-html-sanitizer is responsible... (VHN-412694)
2024-02-01
rails-html-sanitizer is responsible... (VHN-412691)
2024-02-01
rails-html-sanitizer is responsible... (VHN-412693)
2024-02-01
Loofah is a general library for... (VHN-412688)
2023-09-13
Loofah is a general library for... (VHN-412689)
2024-02-01
Loofah is a general library for... (VHN-412690)
2023-09-13
Rails是Rails团队的一套基于Ruby语言的开源Web应用框架。 R... (VHN-424151)
2022-12-08
SnakeYaml's Constructor() class does... (VHN-419584)
2024-06-21
The package org.yaml:snakeyaml from... (VHN-416652)
2024-03-15
TZInfo is a Ruby library that... (VHN-422850)
2022-10-26